Skip to content

Keycloak

Waldur supports integration with Keycloak identity manager.

Below is a guide to configure Keycloak OpenID Connect client and Waldur intergration.

Configuring Keycloak

Instructions below are aimed to provide a basic configuration of Keycloak, please refer to Keycloak documentation for full details.

  1. Login to admin interface of Keycloak.
  2. Create a new realm (or use existing) New realm
  3. Open a menu with a list of clients. List clients
  4. Add a new client for Waldur by clicking on Create client button. Add client
  5. Make sure that Client authentication is enabled. Set access type
  6. Change client's Valid redirect URIs to "*". Valid redirect URIs
  7. Copy secret code from Credentials tab. Secret code
  8. You can find the settings required for configuration of Waldur under the following path on your Keycloak deployment (change test-waldur to the realm that you are using): /realms/test-waldur/.well-known/openid-configuration

Configuring Waldur

  1. Make sure SOCIAL_SIGNUP is added to the list of available authentication methods:

    1
    WALDUR_CORE['AUTHENTICATION_METHODS'] = ["LOCAL_SIGNIN", "SOCIAL_SIGNUP"]

Identity providers 3. Open Keycloak identity provider details by clicking on Edit menu of Keycloak dropdown menu HomePort provider details 4. Copy Client ID, Client secret and Discovery URL. For extra security, enable SSL, PKCE and post-logout redirect.